Code Review
/
aaf
/
authz.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Merge "Increased auth cmd to 53 percent"
[aaf/authz.git]
/
conf
/
CA
/
manual.sh
diff --git
a/conf/CA/manual.sh
b/conf/CA/manual.sh
index
eb39159
..
7b75fbc
100644
(file)
--- a/
conf/CA/manual.sh
+++ b/
conf/CA/manual.sh
@@
-6,10
+6,12
@@
read FQI
if [ "$1" = "" -o "$1" = "-local" ]; then
echo "Personal Certificate"
SUBJECT="/CN=$FQI/OU=V1`cat subject.aaf`"
if [ "$1" = "" -o "$1" = "-local" ]; then
echo "Personal Certificate"
SUBJECT="/CN=$FQI/OU=V1`cat subject.aaf`"
+ NAME=$FQI
else
echo "Application Certificate"
SUBJECT="/CN=$1/OU=$FQI`cat subject.aaf`"
else
echo "Application Certificate"
SUBJECT="/CN=$1/OU=$FQI`cat subject.aaf`"
- FQI=$1
+ FQDN=$1
+ NAME=$FQDN
shift
fi
echo $SUBJECT
shift
fi
echo $SUBJECT
@@
-25,30
+27,30
@@
else
`stty echo`
# remove any previous Private key
`stty echo`
# remove any previous Private key
- rm private/$
FQI
.key
+ rm private/$
NAME
.key
# Create j regaular rsa encrypted key
# Create j regaular rsa encrypted key
- openssl req -new -newkey rsa:2048 -sha256 -keyout private/$
FQI
.key \
- -out $
FQI
.csr -outform PEM -subj "$SUBJECT" \
+ openssl req -new -newkey rsa:2048 -sha256 -keyout private/$
NAME
.key \
+ -out $
NAME
.csr -outform PEM -subj "$SUBJECT" \
-passout stdin << EOF
$PASSPHRASE
EOF
-passout stdin << EOF
$PASSPHRASE
EOF
- chmod 400 private/$
FQI
.key
+ chmod 400 private/$
NAME
.key
SIGN_IT=true
else
SIGN_IT=true
else
- echo openssl req -newkey rsa:2048 -sha256 -keyout $
FQI.key -out $FQI
.csr -outform PEM -subj '"'$SUBJECT'"'
- echo chmod 400 $
FQI
.key
+ echo openssl req -newkey rsa:2048 -sha256 -keyout $
NAME.key -out $NAME
.csr -outform PEM -subj '"'$SUBJECT'"'
+ echo chmod 400 $
NAME
.key
echo "# All done, print result"
echo "# All done, print result"
- echo openssl req -verify -text -noout -in $
FQI
.csr
+ echo openssl req -verify -text -noout -in $
NAME
.csr
fi
fi
if [ "$SIGN_IT" = "true" ]; then
# Sign it
fi
fi
if [ "$SIGN_IT" = "true" ]; then
# Sign it
- openssl ca -config ../openssl.conf -extensions server_cert -out $
FQI
.crt \
+ openssl ca -config ../openssl.conf -extensions server_cert -out $
NAME
.crt \
-cert certs/ca.crt -keyfile private/ca.key \
-policy policy_loose \
-days 360 \
-cert certs/ca.crt -keyfile private/ca.key \
-policy policy_loose \
-days 360 \
- -infiles $
FQI
.csr
+ -infiles $
NAME
.csr
fi
fi